package vul
//Ladon Scanner for golang 
//Author: k8gege
//K8Blog: http://k8gege.org/Ladon
//Github: https://github.com/k8gege/LadonGo
import (
	"crypto/tls"
	"fmt"
	"net/http"
	"regexp"
	"time"
)

func CheckCVE_2021_21972(target string) {
	trs := &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	}
	hc := &http.Client{Transport: trs,Timeout: time.Duration(3 * time.Second)}
	if isurl, _ := regexp.MatchString(`https://`, target); isurl == false{
		target = "https://" + target
	}
	upurl := "/ui/vropspluginui/rest/services/uploadova"
	var payload = fmt.Sprintf("%s%s", target, upurl)
	req, _ := http.NewRequest("GET", payload, nil)

	req.Header.Set("user-agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50")
	req2, err2:= hc.Do(req)
	if nil != err2{
	return
	}
	if req2.StatusCode == 405 {
		fmt.Printf("[+]%s IsVUL CVE-2021-21972\n", target)
	}
}
